BAS worker.exe quarantined by Symantec



  • Hi,
    we have an small issue with BAS and antivirus:

    Short description:
    BAS file "worker.exe" is quarantined by antivirus.

    Detailed bug description(optionally):
    As shown in screenshots below, Symantec Endpoint detects "SONAR.Heuristic.159" and quarantines the file "worker.exe", it is possibly a false positive (it happened us a few months ago with our own application and we had to submit it to get whitelisted https://submit.symantec.com/false_positive/)

    In other systems we have with other AV software (Windows Defender, ESET Internet Security) everything works fine.

    Screenshot(s).
    0_1522142915074_upload-905210ad-50a9-4338-8f8c-1939029d7f51

    0_1522142988773_upload-7366ef51-a822-4fca-a941-22d6239329b4

    BAS version.
    20.8.5

    OS version.
    Windows 7

    If we can help you with any other information or action, please tell, us.

    Kind regards

    Pedro Porlán



  • @pporlan_click worker.exe contains a lot of low level techniques, especially when it comes to tunneling. So this is possible.



  • or put exception or disable antvirus is false positive


Log in to reply